Bonum Certa Men Certa
The Latest Microsoft Strategy: Embrace, Extend, Deceive, Abuse and Diffuse | Links 7/2/2015: Manjaro 0.8.12, Korora 21

Parasitical Firms Like Black Duck Exploit Bugs With Branding to Market Nonfree Services/Software

Skulls



Summary: Parasites that take advantage of public panic and lack of comprehension are occupying paper space, as usual

LAST WEEK we wrote about the overblown threat called/dubbed "GHOST" (all capital letters) by the company seeking to make money from it despite being only the third to discover it and knowing it was not much of a big deal. We have not yet heard about any major exploit, which pretty much can be said about the OpenSSL bug as well (this one too was discovered by two entities before a Microsoft-connected firm irresponsibly publicised it, giving it a name and a logo to sell its own services and spread FOSS-hostile FUD for many months to come). What unifies the GLibC and OpenSSL bugs is that they got "brand recognition" very quickly. It was like a marketing campaign rather than a non-alarmist discussion about security -- something that non-technical/technically-illiterate journalists would surely fail at.



"As more stories are published in the media about big "hacks" (cracks) against large corporations we can't help but feel that the media neglects to mention that Microsoft Windows -- not OpenSSL or Bash, let alone GLibC -- is usually to blame."Days ago we saw the most FOSS-hostile IDG Web site becoming a platform of Black Duck, a Microsoft-connected firm that sells proprietary software by spreading and accentuating fear of FOSS. The article at hand uses bugs with "branding" to spook FOSS users while Black Duck, paying to publish this self-promotional press release on the same day, is still pretending to be an authority in FOSS.

The bugs with "branding" were also exploited by Veracode in this article (on the same day) and as Eric Lorenzo pointed out: "If businesses don't update legacy software, often they will will have bugs fixed in later versions! Shock!"

"I wonder what percentage of businesses are using obsolete Windows without updates," he added.

As more stories are published in the media about big "hacks" (cracks) against large corporations we can't help but feel that the media neglects to mention that Microsoft Windows -- not OpenSSL or Bash, let alone GLibC -- is usually to blame. It not only sports back doors but is also badly designed and won't patch known critical holes. It is basically designed to be not secure.

When it comes to reporting on computer security, the corporate press has almost zero legitimacy. All it knows is brands and it is eager to promote corporate partners that piggyback those brands (like "heartbleed") or stories (Anthem, Sony, etc.), claiming to be experts and offering remedies other than patches which were already issued and are free to apply by all.

The Latest Microsoft Strategy: Embrace, Extend, Deceive, Abuse and Diffuse | Links 7/2/2015: Manjaro 0.8.12, Korora 21

Recent Techrights' Posts

Gemini Links 10/04/2025: "Secret of Happiness" and Overthinking POSSE
Links for the day
Microsoft's "Linux" Foundation Pays Writers to Publish Propaganda and Then LLM Slop Sites (Slopfarms) Repeat the Propaganda, Using Microsoft LLMs
consider the latest LLM slop
Alleged Layoffs at IBM Consulting in Australia
IBM loses many government contracts these days
The Rumours Were Likely True: Sixth Wave of Microsoft Mass Layoffs in 2025 (Days After "50" Anniversary and About 5,000 Layoffs)
5 hours ago, by Ashley Stewart
 
Slopwatch: A Sea of LLM Slop About SparkyLinux, Kubernetes, Ubuntu, and Linux Kernel
Welcome to the future? The future of the Web?
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, April 10, 2025
IRC logs for Thursday, April 10, 2025
Links 10/04/2025: NNCPNET Email Network, RSS Readers, and IRS as 'Immigration Enforcer'
Links for the day
IBM Layoffs in Markham (Canada) Apparently Still Happening
"Still going on... Got laid off today. TEL Canada, Band 9, 19 years with IBM."
Links 10/04/2025: Fentanylware (TikTok) Perils and Internet Shutdown
Links for the day
Once You Slop You Can't Stop and If You're a Serial Slopper Nobody Will Believe You Really Wrote an Article (Even If You Did)
It's a lot like, "if you're a serial liar people won't believe you even when you say some truth" (or "once a cheater, always a cheater")
Pressing Against SLAPPs (From Americans Who Strangle Women While Microsoft Pays Their Salaries) is a High Priority for Us
We also need to ensure that greedy firms/people that facilitate the SLAPPs get "disbarred" or "struck off"
Mozilla Firefox Already Down to 1% in Brazil
Don't people crave the surveillance and the slop?
Links 10/04/2025: Hardware, Politics, and Internet
Links for the day
Gemini Links 10/04/2025: Creativity and Agitation, Life in the USA, CSS Naked Day 2025
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, April 09, 2025
IRC logs for Wednesday, April 09, 2025
Malware in Proprietary Software - Latest Additions
Original by Free Software Foundation, Inc.
Links 09/04/2025: More Trade Wars and Wars, Chinese Army Troops Found Fighting in Ukraine
Links for the day
Linux Clickbait by Slop
Give it up for Brian Fagioli, the Serial Slopper
IBM and MCC: Layoffs Coming Again to Metro Connect Company Limited (MCC) as Tariffs Bite and IBM's Shares Fall
Blacklists applicable to Chinese suppliers also mean that IBM can no longer cooperate with key partners in Asia
Microsoft's Entire Premise for Its Future Existence Goes Up in Flames
32 minutes ago
GNU/Linux on a High in Colombia
Stereotypes much?
Go Static
Please don't Go(lang) or JavaScript or PHP or...
Techrights Be Like...
K.I.S.S.
Gemini Links 09/04/2025: Autism, Cybersecurity, and LLMs Attacking Services Online
Links for the day
GNU/Linux Would be Measured at Over 5% Globally (by statCounter) Had the Data in India Not Been Changed
GNU/Linux grew a lot in many countries and has expanded since then
Keeping Track of Microsoft Layoffs in 2025
So here's a quick roundup of 2025
The Sixth Anniversary of the Lightweight Alternative to the Web (Gemini Protocol)
Now 11 short of 3,000 active capsules. 65 short of 4,500 total.
Links 09/04/2025: Quartz Fires All Writers (Shutdown, LLM Slop or Slopfarm Instead), "Bitcoin Is Crashing Hard"
Links for the day
People Are Sick of LLM Slop. Offer Them Alternatives.
We never used LLM slop for anything and we never will
Web Surveyor statCounter Sees Apple's macOS Falling From 5.6% to 3.6% in Two Months, It Might Soon be Smaller Than GNU/Linux
Apple's "value" (faked, exaggerated) is back to "pandemic times"
UK House of Lords Recognises the SLAPP Issue in the UK and EFF Pursues "Bill (That) Could Put A Stop To Censorship By Lawsuit" in the US
"A House of Lords inquiry into how the news industry can survive into the future has accused the government of “failing to prioritise” action on strategic lawsuits against public participation (SLAPPs)."
Open Source Initiative (OSI) Privacy Fiasco in Detail: Seeking Class Action Against the OSI
"LETTER SEEKING CLASS ACTION REPRESENTATION"
The Value of Slop, by Alexandre Oliva
Original by Alexandre Oliva
Gemini Links 09/04/2025: Neocities, Tinylogs, and Inter-community Protocols
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, April 08, 2025
IRC logs for Tuesday, April 08, 2025
You Can Be an A--hole to Women (Even Strangle Women) as Long as You Work for Microsoft
Recalling the Mark Shuttleworth origin story
Canonical is a Proprietary Software Reseller With a 'Debian Base'
"Canonical Ubuntu" is just Debian with some proprietary things sold on top of it